Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Request a Demo
Trustwave and Cybereason Merge to Form Global MDR Powerhouse for Unparalleled Cybersecurity Value. Learn More

Request a Demo
Services
Managed Detection & Response

Eliminate active threats with 24/7 threat detection, investigation, and response.

Co-Managed SOC (SIEM)

Maximize your SIEM investment, stop alert fatigue, and enhance your team with hybrid security operations support.

Advisory & Diagnostics

Advance your cybersecurity program and get expert guidance where you need it most.

Penetration Testing

Test your physical locations and IT infrastructure to shore up weaknesses before exploitation.

Database Security

Prevent unauthorized access and exceed compliance requirements.

Email Security

Stop email threats others miss and secure your organization against the #1 ransomware attack vector.

Digital Forensics & Incident Response

Prepare for the inevitable with 24/7 global breach response in-region and available on-site.

Firewall & Technology Management

Mitigate risk of a cyberattack with 24/7 incident and health monitoring and the latest threat intelligence.

View All Trustwave Services
Solutions
BY INDUSTRY
BY REGULATION
BY TOPIC
Microsoft Security
Unlock the full power of Microsoft Security
Offensive Security
Solutions to maximize your security ROI
Rapidly Secure New Environments
Security for rapid response situations
Securing the Cloud
Safely navigate and stay protected
Securing the IoT Landscape
Test, monitor and secure network objects
Why Trustwave
About Us
We reduce cyber risk and fortify organizations
Awards and Accolades
Recognition by analysts and media outlets
Trustwave SpiderLabs Team
Global researchers, ethical hackers, and responders
Trustwave Fusion Security Operations Platform
Unprecedented security visibility and control
Trustwave Security Colony
Access to cybersecurity threat protection resources
Partners
Technology Alliance Partners
Key alliances who align and support our ecosystem of security offerings
Trustwave PartnerOne Program
Join forces with Trustwave to protect against the most advance cybersecurity threats
Register
Login
Resources
BLOGS
UPCOMING
MEDIA & ASSETS
NOTICES
HELP
Loading...
Loading...

Trustwave Knowledge Base

Home » Knowledgebase » FTP » FAQ: How to enable the Native FTP proxy and how to use it

FAQ: How to enable the Native FTP proxy and how to use it

Expand / Collapse
Show/Hide Article Tools


  • Question

    How can I configure the scanning server to work with native FTP?


  • Answer

    In order to enable the scanner to scan native FTP sessions:

     

    1. In Versions 8.5: Log in to the managment console and go to Settings -> Devices -> Scanner IP -> FTP.
        In Version 9.0 and above: Log in to the management console and go to Administration -> System Settings -> Finjan Devices -> Scanner IP -> FTP.

    2. In the FTP Configuration mark the ‘Enable FTP’ check box and other settings if needed.

    3. Apply and commit the changes.

    4. In order to check that the scanner actually scan the FTP data, here are two examples showing how to verify that the scanner is actually checking the FTP sessions.

    In order to do this we must make sure that the FTP session will go through the proxy (example: SGW appliance IP is 10.194.48.1).

     

    Start ftp CLI client:
    > ftp
    set the session to move through the scanner (proxy)
    open :
    > open 10.194.48.1 2121

    The following prompt will be displayed:
    220 Frox transparent ftp proxy. Login with username[@host[:port]] [client_ip][/client_username]
    User (10.194.48.1:(none)):

    Enter the login details.
    For example:
    anonymous@ftp.zillionsofgames.com:21

    After this the phase we have a connection to the remote FTP via the proxy (scanner).
    Any download operation will be examined by it.

    Example of a ‘get’ request from the FTP server:

    ftp> get sampzeng.zip
    200 PORT command successful.
    150-Starting Transfer
    150-There'll be a delay while we scan for viruses
    150-Scanning file for viruses
    150 Not starting Transfer
    451 File contains virus. Aborting




    • Related article(s)
    Q13497 - How to configure FileZilla 3.x for use with FTP Proxy


  • Software Version
    8.5
    9.x

    • This article applies to:
    NG 1000
    NG 5000
    NG 6000
    NG 8000
    This article was previously published as:
    Finjan KB 1249

    To contact Trustwave about this article or to request support:

    Rate this Article:
         

    Add Your Comments


    Comment submission is disabled for anonymous users.
    Please send feedback to Trustwave Technical Support or the Webmaster    .


    Execution: 0.031. 8 queries. Compression Disabled.
    Powered by InstantKB.NET